Microsoft shuts down Russia-linked sites targeting U.S. politics

By

Susan McFarland

A man in a Microsoft booth watches a video presentation about hacking and cybersecurity during the CyberTech 2018 conference in Tel Aviv, Israel, on January 30. The company said Monday it shuttered 6 Russia-linked websites that targeted U.S. political entities. File Photo by Jim Hollander/EPA-EFE

Aug. 21 (UPI) -- Six websites targeting a conservative think tank and the U.S. Senate have been disabled by Microsoft, which said the attacks originated in Russia.

A blog post by Microsoft Monday said it executed a court order to shut down the websites created by a group tied to Russian intelligence, known as Strontium. It's also called Fancy Bear or APT28.

Microsoft said in the past two years, it has shuttered 84 websites associated with the group.

Microsoft said the hacking group created false Internet domains to mimic two U.S. conservative organizations -- the Hudson Institute and the International Republican Institute -- and other domains designed to look like they belonged to the U.S. Senate.

"Broadening cyberthreats to both U.S. political parties make clear that the tech sector will need to do more to help protect the democratic process," Microsoft said in a statement. "Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit."

To help fight the issue, Microsoft expanded its Defending Democracy Program with a new tool called AccountGuard, which provides cybersecurity protection for all candidates and campaign offices at the federal, state and local levels.

Microsoft said it's taking action to stem potential threats that could mar the key midterm elections in November.

"We're concerned that these and other attempts pose security threats to a broadening array of groups connected with both American political parties in the run-up to the 2018 elections," the software maker said.

Last month, Microsoft security executive Tom Burt said at the Aspen Security Forum in Colorado the hackers who meddled in the 2016 vote have already started going after the campaigns of at least three midterm candidates, including Sen. Claire McCaskill, a Missouri Democrat running for re-election.